What is our primary use case?
I am a solution architect and my company works purely for Fortinet, implementing all versions on a daily basis, so we're not end-users. The company is an exclusive distributor implementing the product.
The primary use case of the product is usually for multifactor authentication using two-factor authentication with tokens. Sometimes people require two factors with a token. Sometimes they need the latest POC. I do a proof of concept for windows login. They need the agent who authenticates with SMS, token or email.
What is most valuable?
Usually, I do an integration with the firewall. I would prefer to do it with FortiGate, but sometimes I need to integrate as a radius client and it depends on which firewall. I prefer FortiGate. Sometimes they'll need to add an SMS as the second factor of the two-factor authentication. But usually, we do it as an unarmed radius FortiGate, or firewall would be for a radius client and radius server. Sometimes clients will ask whether we have integration with a social portal like Facebook, but we don't.
What needs improvement?
There aren't any major features that I think should be improved. I like this product. As a multifactor authentication, we have the SAML function. If you compare it with RSA or Gemalto, it does a good job. I'm able to perform multifactor authentication in different ways via emails, SMS, it's a great product. For someone concerned with multifactor authentication, I'm satisfied with the product.
There aren't any major additional features they could include in the next release but the one thing they used to include was the SMS gateway from the ISP. Fortinet used to sell that but they don't anymore and I think it would be helpful for end-users if they brought it back. I would recommend that. People are asking for it because they don't like having to rent it from their mobile provider.
For how long have I used the solution?
I've been using FortiAuthenticator for about a year.
What do I think about the stability of the solution?
The product is very stable. I love it.
What do I think about the scalability of the solution?
I think it's a scalable product. I haven't compared it to the competitors but it's scalable.
How are customer service and technical support?
Part of the reason it's such a good product is that I don't recall ever needing to call for technical support.
How was the initial setup?
Initial setup and configuration are very straightforward. From a technical perspective, you need to know where to do the PDS but if you have a technical background it should be very straightforward. I just bring the VM or the trial license and I start to do the POC, usually with the VM.
Initial setup and deployment sometimes need integration with FortiGate, and sometimes via the captive portal. It takes a maximum of an hour, but it also depends on the end-user and what they need to be integrated into the system, like features such as SMS gateway parameters.
What's my experience with pricing, setup cost, and licensing?
I think the setup cost is reasonable, and we don't need to renew the license. Sometimes there are extra costs for the VM. Our main competitors are RSA and Gemalto, and the Fortinet prices are very competitive relative to their prices.
What other advice do I have?
As a distributor of Fortinet, I would suggest people give this product a little bit of focus. I mean we can do well on this product if we concentrate on it. People don't know about the two-factor authentication and that it's easy and straightforward. We also include some features for free but I suggest that people using Fortinet just focus on this product. FortiAuthenticator has created a straightforward easy-to-use product.
I would rate it a nine out of ten. Not a ten because nothing is perfect.
Which deployment model are you using for this solution?
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.